INTEGRATED DATA PLANE FOR HETEROGENEOUS NETWORK SERVICES
Network services can be dynamically configured on an integrated data path by establishing control paths between data plane entities located on the integrated data path and service entities associated with the network services. In this way, routing for the integrated data path is performed with fewer restrictions than traditional data planes, which are largely limited by the relative locations of pre-configured network nodes in the service network. As a result, the integrated data path may traverse a shorter or more favorable route over the services network, thereby achieving improved service network performance, lower latency periods, less congestion, etc. Further, a service topology on the integrated data path can be dynamically re-configured through the addition, removal, or reordering of data plane entities on the integrated data path.
Latest FutureWei Technologies, Inc. Patents:
- System and method for network positioning of devices in a beamformed communications system
- Antenna placement arrangements on device with extendable display
- Systems and methods for adaptive pilot allocation
- Primary preview region and gaze based driver distraction detection
- Method and apparatus for SSD storage access
The present invention relates generally to telecommunications, and in specific embodiments to systems and methods for Integrated Data Plane for Heterogeneous Network Services.
BACKGROUNDEnterprise customers often rely on service providers for various network services, such as caching, firewall, routing, intrusion prevention/detection and other services. Traditionally, each network service is statically configured on a different network component. For instance, routing services may be performed at an edge router, transcoding services may be performed at a process server, and media caching services may be performed at a media server. Accordingly, traffic flows requiring multiple network services are often forwarded between multiple network components in the services network. Since each network component has its own data plane, routing/forwarding procedures may be relatively complex for traffic flows requiring multiple network services. Further, forwarding a single traffic flow over multiple legs of the service network may result in significant congestion, which may decrease overall performance of the services network. Accordingly, techniques for reducing complexities associated with routing and forwarding of traffic flows in service networks are desired.
SUMMARY OF THE INVENTIONTechnical advantages are generally achieved, by embodiments of this disclosure which describe systems and methods for integrated data plane for heterogeneous network services.
In accordance with an embodiment, a method for providing integrated services on a data plane is provided. In this example, the method includes identifying a traffic flow to be transported over an integrated data path, identifying network services required by the traffic flow, and identifying one or more service entities associated with the network services required by the traffic flow. The integrated data path extends through a plurality of data plane entities. The method further includes configuring the network services on the integrated data path by establishing a control path between each of the one or more service entities and a corresponding one of the plurality of data plane entities. An apparatus for performing this method is also provided.
In accordance with another embodiment, a service network is provided. In this example, the service network includes an integrated data path for transporting a traffic flow, a plurality of data plane entities located on the integrated data path, a first service plane entity, and a second service plane entity. The first service plane entity is associated with a first network service required by the traffic flow, and the second service plane entity is associated with a second network service required by the traffic flow. The first service plane entity is connected to a first one of the plurality of data plane entities via a first control path, and the second service plane entity is connected to a second one of the plurality of data plane entities via a second control path.
For a more complete understanding of the present disclosure, and the advantages thereof, reference is now made to the following descriptions taken in conjunction with the accompanying drawings, in which:
Corresponding numerals and symbols in the different figures generally refer to corresponding parts unless otherwise indicated. The figures are drawn to clearly illustrate the relevant aspects of the embodiments and are not necessarily drawn to scale.
DETAILED DESCRIPTION OF ILLUSTRATIVE EMBODIMENTSThe making and using of embodiments of this disclosure are discussed in detail below. It should be appreciated, however, that the concepts disclosed herein can be embodied in a wide variety of specific contexts, and that the specific embodiments discussed herein are merely illustrative and do not serve to limit the scope of the claims. Further, it should be understood that various changes, substitutions and alterations can be made herein without departing from the spirit and scope of this disclosure as defined by the appended claims.
Aspects of this disclosure provide an integrated data path upon which network services are dynamically configured for individual traffic flows. Unlike traditional data paths, which are routed between statically configured network nodes, aspects of this disclosure provide mechanisms for dynamically configuring network services on data plane entities of the integrated data path. More specifically, a network service is dynamically configured on a data plane entity by establishing a control path between the data plane entity and a service entity associated with the network service. In this way, routing for the integrated data path may be performed with fewer restrictions than traditional data planes, which are largely limited by the relative locations of pre-configured network nodes in the service network. As a result, the integrated data path may traverse a shorter or more favorable route over the services network, thereby achieving improved service network performance, e.g., lower latency periods, less congestion, etc. Further, separate control paths are established for each service entity. Accordingly, the order in which services are provided is dictated by a service topology, which may be dynamically configured/re-configured through the addition, removal, or reordering of data plane entities on the integrated data path.
Conventional service networks include network nodes that are statically pre-configured to perform a network service.
Aspects of this disclosure provide an integrated data path upon which services are dynamically configured. Advantageously, the integrated data path is not bound by the position of statically preconfigured network nodes, and therefore can be routed through the corresponding services network in a direct and/or favorable manner. Indeed, the integrated data path may extend through a single data path element.
Thereafter, the data path element 310 may configure data plane entities 311, 312, 313 on the integrated data path to perform the firewall, caching and transcoding services by establishing separate control paths with the service entities 321, 322, 323. In some embodiments, the data plane entities 311, 312, 313 already exist on the integrated data path. In other embodiments, the data path element 310 must instantiate (or otherwise create) the data plane entities 311, 312, 313. Once the data plane entities 311, 312, 313 are located/created, the data path element 310 establishes control paths between the data plane entities 311, 312, 313 and the service entities 321, 322, 323. More specifically, the data path element 310 establishes a control path between the service entity 321 and the data plane entity 311, thereby configuring the data plane entity 311 to perform firewall services on the traffic flow transported over the integrated data path. Further, the data path element 310 establishes a control path between the service entity 322 and the data plane entity 312, thereby configuring the data plane entity 312 to perform caching services on the traffic flow transported over the integrated data path. Additionally, the data path element 310 establishes a control path between the service entity 323 and the data plane entity 313, thereby configuring the data plane entity 313 to perform transcoding services on the traffic flow transported over the integrated data path. As shown, the control paths for each service are separate/distinct from one another, while the data path is common/integrated. Hence, the integrated data path may traverse a shorter, more direct path through the network, thereby allowing service networks to more effectively adapt to diverse and/or changing environments. Notably, the order in which the services is configurable through the service topology. For example, locating the service entity 322 ahead of the service entity 323 in the service topology ensures that the caching service will be performed prior to the transcoding service. Further, service entities may be dynamically added to or removed from the network architecture 300. Additionally, one or multiple service entities may interact with the integrated data path at any given time.
Conventionally, bridging and traffic are simplified through virtualization using an open virtual switch (OVS). However, when external services are enabled, the traffic path may become complicated and/or exhibit low performance. Aspects of this disclosure provide high performance via an integrated data path. Aspects of this disclosure may be applicable for physical/legacy network system as well as a virtualized system. In a physical or virtual system, one unified forwarding/data plane (DP) can present. Besides the basic packet forwarding, the DP is capable of enabling other network services as Firewall, load-balance, Wide Area Application Services (WAAS), IP security (IPsec), App-aware policy, etc. The service may not be enabled by default, and one or more controllers can be configured to enable the services during establishment of the integrated data path.
End-to-end traffic might require new services that are not available in a current services network. In such a case, system administrators can locate a compatible controller from the controller depot, and active it in the system. Upon the new controller activation, the DP will use a common method of communication, and the controller will enable the service for the data plane. The traffic flow remain on the data path, rather than being forwarded to the controller. Certain meta-data may pass from service to service, and service order is programmable from a topology/transport layer network instantiation in the system. In some embodiments, legacy network devices may have only one controller, e.g., a homogeneous controller for the DP. Accordingly the integrated data path provided herein can integrate with heterogeneous controllers that have non-contiguous functions.
Although the description has been described in detail, it should be understood that various changes, substitutions and alterations can be made without departing from the spirit and scope of this disclosure as defined by the appended claims. Moreover, the scope of the disclosure is not intended to be limited to the particular embodiments described herein, as one of ordinary skill in the art will readily appreciate from this disclosure that processes, machines, manufacture, compositions of matter, means, methods, or steps, presently existing or later to be developed, may perform substantially the same function or achieve substantially the same result as the corresponding embodiments described herein. Accordingly, the appended claims are intended to include within their scope such processes, machines, manufacture, compositions of matter, means, methods, or steps.
Claims
1. A method for providing integrated services on a data plane, the method comprising:
- identifying a traffic flow to be transported over an integrated data path, the integrated data path extending through a plurality of data plane entities;
- identifying network services required by the traffic flow;
- identifying one or more service entities associated with the network services required by the traffic flow; and
- configuring the network services on the integrated data path by establishing a control path between each of the one or more service entities and a corresponding one of the plurality of data plane entities.
2. The method of claim 1, wherein the one or more service entities comprise at least a first service entity associated with a first network service required by the traffic flow.
3. The method of claim 2, wherein configuring the network services on the integrated data path comprises:
- establishing a first control path between the first service entity and a first data plane entity in the plurality of data plane entities.
4. The method of claim 3, wherein the first control path was not established prior to receiving the traffic flow.
5. The method of claim 2, wherein the one or more service entities further comprise a second service entity associated with a second network service required by the traffic flow.
6. The method of claim 5, wherein configuring the network services on the integrated data path comprises:
- establishing a first control path between the first service entity and a first data plane entity in the plurality of data plane entities; and
- establishing a second control path between the second service entity and a second data plane entity in the plurality of data plane entities.
7. The method of claim 6, wherein the second control path is separate from the first control path.
8. The method of claim 6, wherein the first data plane entity is different than the second data plane entity.
9. The method of claim 1, wherein the network services required by the traffic flow include at least one of a firewall service, an intrusion prevention service (IPS), an intrusion detection service (IDS), a caching service, and a transcoding service.
10. An apparatus comprising:
- a processor; and
- a computer readable storage medium storing programming for execution by the processor, the programming including instructions to:
- identify a traffic flow to be transported over an integrated data path, the integrated data path extending through a plurality of data plane entities; identify network services required by the traffic flow; identify one or more service entities associated with the network services required by the traffic flow; and configure the network services on the integrated data path by establishing a control path between each of the one or more service entities and a corresponding one of the plurality of data plane entities.
11. The apparatus of claim 10, wherein the one or more service entities comprise at least a first service entity associated with a first network service required by the traffic flow.
12. The apparatus of claim 11, wherein the instructions to configure the network services on the integrated data path include instructions to:
- establish a first control path between the first service entity and a first data plane entity in the plurality of data plane entities.
13. The apparatus of claim 12, wherein the first control path was not established prior to receiving the traffic flow.
14. A service network comprising:
- an integrated data path for transporting a traffic flow;
- a plurality of data plane entities located on the integrated data path;
- a first service plane entity associated with a first network service required by the traffic flow, wherein the first service plane entity is connected to a first one of the plurality of data plane entities via a first control path; and
- a second service plane entity associated with a second network service, wherein the second service plane entity is connected to a second one of the plurality of data plane entities via a second control path.
15. The service network of claim 14, wherein the first control path is separate from the second control path.
16. The service network of claim 14, wherein the first data plane entity is different than the second data plane entity.
17. The service network of claim 16, wherein the first data plane entity is configured to perform the first network service to the traffic flow transported over the integrated data path.
18. The service network of claim 17, wherein the second data plane entity is configured to perform the second network service to the traffic flow transported over the integrated data path.
19. The service network of claim 18, wherein the first data plane entity and the second data plane entity are part of a service topology that defines an order for performing the first network service and the second network service.
20. The service network of claim 19, wherein the service topology is configured to be dynamically adjusted by reordering data plane entities on the integrated data path.
21. The service network of claim 19, wherein the service topology is configured to be dynamically adjusted by removing one or more data plane entities from the integrated data path.
22. The service network of claim 19, wherein the service topology is configured to be dynamically adjusted by adding a new data plane entity to the integrated data path.
Type: Application
Filed: Mar 13, 2013
Publication Date: Sep 18, 2014
Patent Grant number: 9467356
Applicant: FutureWei Technologies, Inc. (Plano, TX)
Inventors: Jun Xu (Cupertino, CA), Shree Murthy (San Jose, CA)
Application Number: 13/802,220
International Classification: H04L 12/70 (20130101);